Is Stateful Fuzzing Really Challenging?
- URL: http://arxiv.org/abs/2406.07071v2
- Date: Wed, 12 Jun 2024 11:01:47 GMT
- Title: Is Stateful Fuzzing Really Challenging?
- Authors: Cristian Daniele,
- Abstract summary: We discuss the reasons that make stateful fuzzers difficult to devise and benchmark. Fuzzing has been proven extremely effective in finding vulnerabilities in software.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Fuzzing has been proven extremely effective in finding vulnerabilities in software. When it comes to fuzzing stateless systems, analysts have no doubts about the choice to make. In fact, among the plethora of stateless fuzzers devised in the last 20 years, AFL (with its descendants AFL++ and LibAFL) stood out for its effectiveness, speed and ability to find bugs. On the other hand, when dealing with stateful systems, it is not clear which tool is the best to use. In fact, the research community struggles to devise (and benchmark) effective and generic stateful fuzzers. In this short paper, we discuss the reasons that make stateful fuzzers difficult to devise and benchmark.
Related papers
- G-Fuzz: A Directed Fuzzing Framework for gVisor [48.85077340822625] (2024-09-20T01:00:22Z)
  G-Fuzz is a directed fuzzing framework for gVisor.
  G-Fuzz has been deployed in industry and has detected multiple serious vulnerabilities.
- FuzzCoder: Byte-level Fuzzing Test via Large Language Model [46.18191648883695] (2024-09-03T14:40:31Z)
  We propose to adopt fine-tuned large language models (FuzzCoder) to learn patterns in the input files from successful attacks.
  FuzzCoder can predict mutation locations and strategies in input files to trigger abnormal behaviors of the program.
- DogeFuzz: A Simple Yet Efficient Grey-box Fuzzer for Ethereum Smart Contracts [38.770693229208355] (2024-09-03T11:08:53Z)
  We present DogeFuzz, an infrastructure for fuzzing smart contracts.
  We compare DogeFuzz with state-of-the-art fuzzers for smart contracts.
- Benchmarking Deep Learning Fuzzers [11.118370064698869] (2023-10-10T18:09:16Z)
  We run three state-of-the-art DL fuzzers, FreeFuzz, DeepRel, and DocTer, on the benchmark by following their instructions.
  We find that these fuzzers are unable to detect many real bugs collected in our benchmark dataset.
  Our systematic analysis further identifies four major, broad, and common factors that affect these fuzzers' ability to detect real bugs.
- Vulnerability Detection Through an Adversarial Fuzzing Algorithm [2.074079789045646] (2023-07-21T21:46:28Z)
  This project aims to increase the efficiency of existing fuzzers by allowing fuzzers to explore more paths and find more bugs in shorter amounts of time.
  Adversarial methods are built on top of current evolutionary algorithms to generate test cases for further and more efficient fuzzing.
- Extractive is not Faithful: An Investigation of Broad Unfaithfulness Problems in Extractive Summarization [91.86501509439815] (2022-09-08T03:25:18Z)
  In this work, we define a typology with five types of broad unfaithfulness problems that can appear in extractive summaries.
  We ask humans to label these problems out of 1600 English summaries produced by 16 diverse extractive systems.
  To automatically detect these problems, we find that 5 existing faithfulness evaluation metrics for summarization have poor correlations with human judgment.
- UNICON: Combating Label Noise Through Uniform Selection and Contrastive Learning [89.56465237941013] (2022-03-28T07:36:36Z)
  We propose UNICON, a simple yet effective sample selection method which is robust to high label noise.
  We obtain an 11.4% improvement over the current state-of-the-art on CIFAR100 dataset with a 90% noise rate.
- State Selection Algorithms and Their Impact on The Performance of Stateful Network Protocol Fuzzing [10.96645260573865] (2021-12-24T21:33:06Z)
  Stateful fuzzers use state models to partition the state space and assist the test generation process.
  We evaluate an extensive set of state selection algorithms on the same fuzzing platform, AFLNet.
- DeFuzz: Deep Learning Guided Directed Fuzzing [41.61500799890691] (2020-10-23T03:44:03Z)
  We propose a deep learning (DL) guided directed fuzzing for software vulnerability detection, named DeFuzz.
  DeFuzz includes two main schemes: (1) we employ a pre-trained DL prediction model to identify the potentially vulnerable functions and the locations (i.e., vulnerable addresses)
  Precisely, we employ Bidirectional-LSTM (BiLSTM) to identify attention words, and the vulnerabilities are associated with these attention words in functions.